Registering NSX Manager to the New vSphere 6.0 Lookup Service Port

Chris Wahl · Posted on2015-03-312020-05-11

If you’re using NSX Manager for your virtualized vSphere environment, and wish to upgrade to vSphere 6.0, you’ll need to use NSX Manager version 6.1.3, which is compatible with vSphere 6.0 but carries caveats on the new vSphere features. More on that below:

NSX vSphere 6.1.3 is compatible with vSphere 6.0. However, the new vSphere features introduced in vSphere 6.0 have not been tested with NSX vSphere. These new vSphere features should not be used in environments where NSX vSphere is installed as they are unsupported. For a list of specific NSX vSphere limitations with respect to vSphere 6.0, see the VMware Knowledge Base article 2110197. (source)

After upgrading NSX Manager to 6.1.3, you might notice that the Lookup Service shows an error status of Disconnected.

If you’re thinking it’s just a bad password or a new certificate, you might even try reconnecting NSX Manager to the Lookup Service provided by the Platform Services Controller (PSC). Doing so will result in an Initialization of STS Clients failed. Root Cause: The SSL certificate of STS service cannot be verified error.

The Fix

The Lookup Service port has changed in vSphere 6.0 to port 443. Simply edit the Lookup Service configuration and change the 7444 (the old port on vSphere 5.1 and 5.5) to 443 (new to vSphere 6.0). The service should change to Connected. I’ve highlighted the correct port in the screenshot below.

It’s also worth keeping in mind that you may have to bounce the vSphere Web Client Service on the vCenter Server before the NSX Manager shows up in the Networking and Security section of the Web Client. If you see 0 NSX Managers listed, try that first – it’s a simple check.